QwikSec

Security Database

CVE

CWE

Training

CVE-2022-40303

Published: Nov 22, 2022

Modified: Apr 29, 2025

PUBLISHED

Description

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3

https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0

https://security.netapp.com/advisory/ntap-20221209-0003/

https://support.apple.com/kb/HT213534

https://support.apple.com/kb/HT213533

https://support.apple.com/kb/HT213531

https://support.apple.com/kb/HT213536

https://support.apple.com/kb/HT213535

20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2

mailing-list

20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2

mailing-list

20221220 APPLE-SA-2022-12-13-7 tvOS 16.2

mailing-list

20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2

mailing-list

20221220 APPLE-SA-2022-12-13-8 watchOS 9.2

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.